Hundreds of US Businesses Hit by Ransomware Attack

Miami-based IT firm Kaseya has been hit by a ransomware attack, affecting hundreds of American businesses, as well as some in Sweden.

Around 200 businesses in the US and elsewhere have been hit by s “colossal” ransomware attack, according to cybersecurity firm Huntress Labs. Kaseya provides tech management tools to organisations across the world, and the ransomware attack has affected hundreds of businesses, including a grocery chain in Sweden, which had to close at least 800 stores. The affected service, called Kaseya VSA, provides unified remote monitoring and management, allowing businesses to remotely monitor their systems and automatically take care of maintenance and updates.

Incidents of ransomware attacks have exploded over the past year, with criminal gangs looking to exploit remote working during the pandemic, along with the rise of cryptocurrency. Hackers infect systems, encrypt the data, and demand a ransom in return for the decryption key. Additionally, they may try and extort money by threatening to leak the affected data, too. The New York Times is reporting that some of the victims of the Kaseya ransomware attack have received ransom demands for $5 million.

On Saturday, President Biden announced an investigation into the ransomware attack was being carried out by US intelligence agencies. It is believed that the REvil ransomware gang was responsible for the attack. REvil leases its software to “affiliates”, who then infect victims and extort money. Part of the investigation will be to determine whether the ransomware attack on Kaseya originated in Russia or not.